Lists

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: login security issue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: login security issue

Subject: Re: login security issue
From: Anjo Krank <email@hidden>
Date: Thu, 13 Jul 2006 05:54:54 +0200


Am 12.07.2006 um 22:31 schrieb Chuck Hill:

If you set the headers to disallow caching it should prevent what Thomas is describing. However, if the user allowed the browser to save their password, there is nothing you can do.

Sure you can: set the name of the username field to session.sessionID. Then, when you go back and have caching disallowed and the page re-renders, it has a field name the browser hasn't seen before and so it can't fill it out. This is totally annoying for users that *want* teir info stored, though ;)

Cheers, Anjo
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden



References:  
  >login security issue (From: Thomas Pelaia II <email@hidden>)
  >Re: login security issue (From: Miguel Arroz <email@hidden>)
  >Re: login security issue (From: Chuck Hill <email@hidden>)




Prev by Date:
Re: looking for WO hosting services

Next by Date:
Re: How to have Xcode open .eomodeld directories with 	EOModeler

Previous by thread:
Re: login security issue

Next by thread:
Re: login security issue

Index(es):

Date
Thread